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IN THE CLAIMS : 

1. (currently amended) A method for providing access to users based on user 
profiles and using a web-based system that includes a server system coupled to a centralized 
interactive database and at least one client system, said method comprising the steps of: 

creating an electronic profile for a user within a centralized database; 

creating an electronic profile for data within the centralized database; 

establishing pre-determined rules and methodology for user access; 

making a decision with ref e r e nc e to determining whether to grant the user access to an 
application after completing an evaluation based on the electronic profiles, pre-determined 
rules, and operating methodology in response to a request fi-om the user for access to the 
a pplication : 

if the user is denied access to the application, notifying the user of the denial to access 
the application; 

if the user is granted access to the application, determining whether to grant the user 
access to a set of specific data within the application after completing an evaluation based on 
the electronic profiles, pre-determined rules, and operating methodology in response to a 
request fi-om the user for access to the set of specific data: 

if the user is denied access[[,]] to the set of specific data: 

prompting the user to complete a request for quick approval wherein the 
request for quick approval includes a list of data for approval; 

automatically determining, using an internal exception access process an 
approval or a disapproval of quick access based on pre-established criteria and the list of data 
for approval; 

if the request for quick approval is approved, at least one of automatically 
adding a rule to the centralized database and automatically adding ar -the user to the 
centralized database for access to the set of specific data : 



if the rule is added, updating an exception list;-and 
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if the user is added, updating the centralized database to permit the 
user access to the set of specific data; 

notifying the user of the approval of the request for quick approval; 

if the request for quick approval is denied, notifying the user of the denial of 
the request for quick approval; and 

if the user is granted access to the set of specific data, making the set of specific data 
available to the user . 

2. (previously presented) A method according to Claim 1 wherein said step of 
creating an electronic profile for a user fiorther comprises the step of creating an electronic 
profile based on information available fi-om at least one an Oracle Human Resource 
Application and a Request for Computer Access Application. 

3. (original) A method according to Claim 1 wherein said step of creating an 
electronic profile for data fiirther comprises the step of creating data profiles based on at least 
one of Data Elements, Data Tags, Rules of Access, an Approver's Name for Each Rule of 
Access, Rules of Exclusion, an Exception List, and Field Tags. 

4. (original) A method according to Claim 3 wherein said step of establishing 
pre-determined rules and methodology for user access further comprises the steps of: 

establishing pre-determined rules in the centralized database based on at least one of 
Rule Based Access guidelines, Group Based Access guidelines. Search & Subscribe Utilities 
guidelines. Active Positioning Monitoring guidelines, Hard Exclusion Rules guidelines, and 
Access Audits guidelines; and 

establishing methodology to ensure fimely and accurate decision making based on 
criteria established by the management. 

5. (currently amended) A method for managing user profile information, 
including managing access control to applications and data by implementing a level of 
security across the different applications that is the same for each application, using a web- 
based system that includes a server system coupled to a centralized interactive database and 
at least one client system, said method comprising the steps of: 
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providing capabilities for a user to request access to information that the user 
currently does not have access to; 

tracking a status of the—a request using a tracking component coupled to the 
centralized interactive database; 

obtaining a decision of whether to grant the user access to a user requested application 
from an owner of the data- application requested: 

implementing the decision comprising: 

if the user is denied access to the application, notifying the user of the denial 
to access the application; 

if the user is granted access to the application, determining whether to grant 
the user access to a set of specific data within the application after completing an evaluation 
based on the electronic profiles, pre-determined rules, and operating methodology in response 
to a request fi:-om the user for access to the set of specific data; 

if the user is denied access[[,]] to the set of specific data: 

prompting the user to complete a request for quick approval wherein 
the request for quick approval includes a list of the information the user is requesting access 
to for approval; 

automatically determining, using an internal exception access process 
an approval or a disapproval of the-quick access r e qu e st based on pre-established criteria and 
the list of information the user is requesting access to; 

if the request for quick approval is approved, at least one of 
automatically adding a rule to the centralized interactive database and automatically adding a 
the user to the centralized interactive database for access to the set of specific data ; 

if the rule is added, updating an exception list;-afid 

if the user is added, updating the centralized interactive 
database to permit the user access to the set of specific data: 
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notifying the user of the approval of the request for quick 

approval: 

if the request for quick approval is denied, notifying the user of the 
denial of the request for quick approval; and 

if the user is granted access to the set of specific data, making the set of 
specific data available to the user . 

6. (canceled) 

7. (original) A method according to Claim 5 wherein said step of implementing 
the decision further includes the steps of reviewing and auditing the user access. 

8. (original) A method according to Claim 5 wherein said step of implementing 
the decision fiirther includes the step of creating a consistent security model that includes 
centralized administration of security of the system and uses single user profile and privilege 
for accessing different applications. 

9. (original) A method according to Claim 5 wherein said method fiirther 
comprises the steps of; 

creating user profiles; 

providing access control to data associated with user profiles; 

defining permissions based on a user identifier associated with user profiles; and 

developing a specification for user interfaces. 

10. (original) A method according to Claim 5 fiirther comprising the step of 
providing administration of a common security model for access control and event 
notification. 

11. (original) A method according to Claim 5 fiirther comprising the step of 
updating profiles automatically on at least one of a pre-determined timed interval and a 
change in organization hierarchy. 
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12. (original) A method according to Claim 5 further comprises the step of 
updating profiles automatically when a user transfers departments. 

13. (original) A method according to Claim 5 further comprising the step of 
generating access list reports that identify accessible and non-accessible data and restrictions 
for access. 

14. (original) A method according to Claim 5 further comprising the step of 
retrieving information from the centralized database in response to a specific inquiry fi"om an 
administrator. 

15. (original) A method according to Claim 5 wherein the client system and the 
server system are connected via a network and wherein the network is one of a wide area 
network, a local area network, an intranet and the hitemet. 

16. (withdrawn) A computer-implemented database embodied on a computer- 
readable medium configured to be protected fi'om access by unauthorized individuals by 
managing user and data profiles by an administrator, said database providing access to users 
based on pre-determined rules and criteria further comprising: 

pre-established criteria data developed firom access rules and criteria including at least 
one of Rule Based Access guidelines, Group Based Access guidelines. Search & Subscribe 
Utilities guidelines. Active Positioning Monitoring guidelines, Hard Exclusion Rules 
guidelines, and Access Audits guidelines; 

applications data including system administrator defined attributes that cross- 
references the applications profile data against unique identifiers; 

user data that includes a user's organization and citizenship, that cross-references the 
users profile data against unique identifiers; and 

pre-determined rules and methodologies data that facilitates accurate user access 
decision making. 

17. (canceled) 

18. (canceled) 
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19. (canceled) 



20. (canceled) 



